Here you will find scientific publications from the Fraunhofer Institutes.

Security analysis of security applications for software defined networks

Tasch, Markus; Khondoker, Rahamatullah; Marx, Ronald; Bayarou, Kpatcha

Postprint urn:nbn:de:0011-n-3238633 (234 KByte PDF)
MD5 Fingerprint: c426505af41214d130a548f23c3288a9
© ACM This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.
Created on: 29.1.2015

Association for Computing Machinery -ACM-; Association for Computing Machinery -ACM-, Special Interest Group on Data Communication -SIGCOMM-:
AINTEC 2014, 10th Asian Internet Engineering Conference. Proceedings : November 26 - 28, 2014, Chiang Mai, Thailand
New York: ACM, 2014
ISBN: 978-1-4503-3251-4
Asian Internet Engineering Conference (AINTEC) <10, 2014, Chiang Mai>
Conference Paper, Electronic Publication
Fraunhofer SIT
Software Defined Networking (SDN); STRIDE; OpenFlow; OpenFlow - Random Host Mutation; Resonance

Software Defined Networking (SDN) is a novel approach that allows networks to be configured in real time and in a centralized manner. As in legacy network architectures, security mechanisms are used to protect the network and the end-hosts within the network against attacks. While the properties of SDN allow sophisticated security mechanisms to be implemented as extensions of the centralized controllers, they also make the controllers and any extensions of their functionality a valuable target for attackers. This motivates an analysis of the security of security applications for SDN. In this paper, two security applications, namely OpenFlow-Random Host Mutation and Resonance, are analyzed using STRIDE. It is shown that most threats to the two security applications can be mitigated by using existing security mechanisms. Furthermore, general suggestions that should be considered when designing security applications for SDN are derived.